Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Stats and ICMP patch

From: "Ian Peters" <ian () ianpeters net>
Date: Sat, 21 Jun 2003 05:57:31 -0400
Hi all,

I've been tracking nmap for a while now with a combination of several 
patches. When Syra sent the statistics patch for nmap3.28 a short while 
ago I decided maybe it's time to see if anyone else wants to make use of 
it, so it's included here.

Basically this patch is a combination of....
- Ian Vitek's original patch, slightly modified. It handles -sR a little 
better, and has a little more info. I think it also fixed a problem 
where the ETS sometimes went negative
- Guillaume Valadon's (I think) patch to give a little more info about 
'filtered' ports - namely by telling you the ICMP message nmap 
received. I've added some support for other logging types for this info, 
as IIRC the original only supported human-readable.
- I've included a --shutdown option. This means that in the rare event 
you do a -sT scan, shutdown() is called before close(). The reason for 
this is that on some manky network stacks, when doing heavy scans, boxes 
sometimes fell over. I tracked this down to a memory leak in some stacks 
where if a FIN isn't received before a RST, a short-term memory leak 
occurs. When doing a heavy scan, this aggregates really quickly, with 
the obvious result.
- When doing loads of big scans that I wanted to grep through I needed 
non-summarised output. Therefore, I added a --fulloutput option, which 
stops nmap from summarising.

It's been tested as I've patched, but only on Linux, and I've only just 
patched to 3.28, but it should be okay. Any problems etc, please drop me 
a line - I hope it's some use.

All the changes should be inside #ifdef WITH_STATS  sections, so you
can patch and then compile/recompile to see if any problems you 
encounter are due to my code. Also makes the diff easier to debug.

Cheers,

Ian

Attachment: nmap-3_28-3_28IX.diff
Description: 

---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to 
nmap-dev-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).
Previous By Date Next
Previous By Thread Next

Current thread: